Check CVE Id
Check CWE Id
A vulnerability has been identified in Citrix Virtual Apps and Desktops that could, if exploited, allow a user of a Windows VDA that has either Citrix Profile Management or Citrix Profile Management WMI Plugin installed to escalate their privilege level on that Windows VDA to SYSTEM.
An authorised user on a Windows host running Citrix Universal Print Server can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9.
Citrix XenApp 6.x before 6.5 HRP07 and 7.x before 7.9 and Citrix XenDesktop before 7.9 might allow attackers to weaken an unspecified security mitigation via vectors related to memory permission.
Citrix Studio before 7.6.1000, Citrix XenDesktop 7.x before 7.6 LTSR Cumulative Update 1 (CU1), and Citrix XenApp 7.5 and 7.6 allow attackers to set Access Policy rules on the XenDesktop Delivery Controller via unspecified vectors.
The XML Service interface in Citrix XenApp 6.5 and 6.5 Feature Pack 1 allows remote attackers to execute arbitrary code via unspecified vectors.
Citrix XenApp (formerly Presentation Server) 4.5 Hotfix Rollup Pack 3 does not apply an access policy when it is defined with the Access Gateway Advanced Edition filters, which allows attackers to bypass intended access restrictions via unknown vectors.
Unspecified vulnerability in Citrix XenApp (formerly Presentation Server) 4.5 Feature Pack 1 and earlier, Presentation Server 4.0, and Access Essentials 1.0, 1.5, and 2.0 allows local users to gain privileges via unknown attack vectors related to creating an unspecified file. NOTE: this might be the same issue as CVE-2008-3485, but the vendor advisory is too vague to be certain.
Metaframe presentation server
Program neighborhood agent
Metaframe password manager
Ica program neighborhood client
Metaframe secure access manager
Program neighborhood client
Presentation server client
Endpoint analysis client
Edgesight for endpoints
Edgesight for netscaler
Edgesight for presentation server
Citrix presentation server
Deterministic network enhancer
Netscaler access gateway firmware
Online plug-in for mac
Online plug-in for windows
Receiver for iphone
Ica client for linux
Ica client for solaris
Online plug-in for mac for xenapp & xendesktop
Online plug-in for windows for xenapp & xendesktop
Receiver for windows mobile
Licensing administration console
Netscaler access gateway
Cloudportal services manager
Netscaler application delivery controller
Netscaler application delivery controller firmware
Xenmobile device manager
Xenmobile device manager mdm
Sharefile mobile for tablets
Access gateway plug-in
Netscaler gateway firmware
Netscaler service delivery appliance service vm
Netscaler gateway 11.0 firmware
Xenmobile mdx toolkit
Linux virtual delivery agent
License server vpx
Application delivery controller firmware
Citrix sd-wan center
Netscaler sd-wan center
Sharefile storagezones controller
Gateway plug-in for linux
Virtual apps and desktops
Application delivery management
Federated authentication service
Back to Top